Philipp's Computing Blog

Success is about speed and efficiency

Posts with the tag networking

IP Address Analysis Using Python

Find out more about IP addresses (IPv4 and IPv6) using the Python module IPy:

#!/usr/bin/env python

from IPy import IP

ip_s = raw_input('Please enter an IP address or range: ')
try:
    i =...

Read on

OpenWrt on a TP-Link TL-MR3020 Router

This is a really compact and cheap router to take with you to hotels etc. to secure your internet access via VPN or redistribute a network.

The Hardware

You can get some information on the used hardware from my /proc/cpuinfo, /proc/meminfo and dmesg.

I put some photos I made of...

Read on

Make RS232 Serial Devices Accessible via Ethernet

Standards

The RFC 2217 standardizes the transmission of serial connection data via Ethernet, allowing to change remote serial port parameters (such as speed, parity, stop bits) over TCP using NVT (Network Virtual Terminal).

Implementations

Connection between your serial device and the Ethernet

  • YPort - a hardware and software solution (microcontroller AVR ATmega based...

Read on

Use Synergy on Mac

http://synergy-foss.org/pm/projects/synergy/wiki/UsingSynergy

Install:

cd ~/Downloads
curl -C - -O http://synergy.googlecode.com/files/synergy-1.4.5-MacOSX107-x86_64.dmg
open synergy-1.4.5-MacOSX107-x86_64.dmg
cd /Volumes/Synergy/
cp -r Synergy.app /Applications/

Start the server:

synergys -f --config ~/synergy.conf

where synergy.conf is:

# sample synergy configuration file
#
# comments begin with the # character and continue to the end of line.
# comments may appear anywhere the syntax...

Read on

Fix a problem with NX on Ubuntu 10.10 with the key d (inadvertently minimizing the current window)

Go to System → Preferences → Keyboard Shortcuts and set the shortcut for Hide all normal windows and set focus to desktop to something sane like Alt + D

update 2011-07-13: This happened again when I used Ubuntu 11.04 inside a NX session on a Mac OS X host computer. :(

resources

Read on

Watch the network for an IP conflict - ipwatchd

Installation on Ubuntu:

sudo aptitude install ipwatchd-gnotify

if configured correctly (true by default) it will show you graphical warnings for IP conflicts as well as create log entries in /var/log/syslog (check for log messages containing ipwatchd).

Advanced configuration options are described and have to be set in the file/etc/ipwatchd.conf. This could...

Read on

How to use tcpdump

You can use tcpdump to debug TCP/IP connections.

How it works

1st console run tcpdump:

philipp@lion:~$ sudo tcpdump -i lo
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 96 bytes
09:55:05.968006 IP lion > lion: ICMP echo request, id 5745, seq 1,...

Read on

React to IP Takeover

When someone has taken your IP, react!

Set your IP to the correct one (belonging to you):

sudo ifconfig eth0 201.2.16.41 netmask 255.255.255.0

and run arping to get the IP back on your side:

sudo arping -U -c 3 -I eth0 201.2.16.41
sudo arping -A -c 3 -I eth0 201.2.16.41

Also have...

Read on

Mount a GMail account as Filesystem using gmailfs

Warning: my experience with gmailfs was not excellent! It was a bit slow and you always risk to lose data you stored on that account.


based on IMAP: http://sr71.net/projects/gmailfs/
(it used to be http://richard.jones.name/google-hacks/gmail-filesystem/gmail-filesystem.html but this was based on the Webinterface and that changed often)

gmailfs works with FUSE....

Read on

Set up a Unix User Account with SFTP Access but no other Rights (such as Shell Access)

An easier solution just by setting a line in the configuration of the ssd daemon can be found in the blog post Chroot SFTP users.

http://forum.ubuntuusers.de/post/1884322/
http://manpages.ubuntu.com/manpages/karmic/man1/scponly.1.
http://wiki.ubuntuusers.de/scponly
http://sublimation.org/scponly/wiki/index.php/Main_Page

sudo aptitude install scponly

configuration:

sudo -s
cd /usr/share/doc/scponly/setup_chroot
gunzip setup_chroot.sh.gz
chmod +x setup_chroot.sh
./setup_chroot.sh

this adds the user etc...

sudo...

Read on

Analyse illegal SSH login attempts

Filter the authentication log file for failed authentications and count the attempts (lines in the log file):

grep -i fail /var/log/auth.log | wc -l

Check for all attacks with non existing usernames:

grep -i "Failed password for invalid user" /var/log/auth.log | cut -d " "...

Read on

Workaround for problems with constantly changing resolv.conf

When you don't want other software (like network manager) to mess with your DNS server settings, make /etc/resolv.conf immutable:

sudo chattr +i /etc/resolv.conf

It can be undone like this:

sudo chattr -i /etc/resolv.conf

resources

http://ubuntuforums.org/showthread.php?t=435525

...

Read on

checksum offloading - wireshark

http://www.wireshark.org/docs/wsug_html_chunked/ChAdvChecksums.html

If wireshark reports many wrong checksums, this can be caused by checksum calculations done by hardware which means that the wrong checksums reported by Wireshark are simply meaningless.

If you're sure, that's the problem, you may simple not care about wrong checksums:

  • Turn off the checksum offloading in the network...

Read on

Anonymising Internet Usage

with Tor

http://wiki.ubuntuusers.de/Tor
https://help.ubuntu.com/community/TOR

installation http://wiki.ubuntuusers.de/Tor/Installation

gpg --keyserver subkeys.pgp.net --recv-keys 0x94C09C7F
gpg --export 0x94C09C7F | sudo apt-key add -
echo "deb http://mirror.noreply.org/pub/tor jaunty main" | sudo tee -a /etc/apt/sources.list
sudo apt-get update 
sudo apt-get install tor

setup of a HTTP-Proxy for tor Tor being a Socks-Proxy (not a HTTP-Proxy) means you can't...

Read on

Check Open Ports on Local Machine Using Netstat

run netstat like this:

sudo netstat -lntup

and you get an output like this:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State     ...

Read on

Installing Google Chrome on Ubuntu 9.04

http://ubuntublog.ch/applikationen/google-chrome-fuer-ubuntu

sudo gedit /etc/apt/sources.list

Then add to the file:

# Google Chrome
deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid main
deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid main

And add the sign-key to you keyring:

sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xfbef0d696de1c72ba5a835fe5a9bf3bb4e5e17b5

Then update and install:

sudo apt-get...

Read on

Set Up Public/Private Key Authentication for SSH to Connect from Laptop ↔ Desktop Without a Password Prompt

On both Linux/Unix computers you have to make sure they have a public key ~/.ssh/id_rsa.pub. If it is not there yet, run:

ssh-keygen -t rsa -b 4096

The desktop should be able to connect to the laptop with no password: (we work on the desktop here):

scp ~/.ssh/id_rsa.pub philipp@laptop:~/tmp-key.pub
ssh philipp@laptop
cat...

Read on

Use the tool x2x to use your mouse and keyboard as input for a differenct computer — works well!

With the very small toolx2x you can move your mouse to the left edge of your local screen and will continue to move over to the remote desplay. Your keyboard works on both computers as well, and you can even copy-paste between the two computers. It looks like the...

Read on

lighttpd webserver

http://www.lighttpd.net/
documentation: http://redmine.lighttpd.net/wiki/lighttpd
http://www.ubuntugeek.com/lighttpd-webserver-setup-with-php5-and-mysql-support.html
https://wiki.ubuntu.com/Lighttpd%2BPHP
http://wiki.ubuntuusers.de/Lighttpd

Installation

sudo apt-get install lighttpd

The webdocuments root folder is /var/www. Refer to the ubuntugeek.com site for more features (php etc) .

change ownership of /var/www in order to be able to put files there as normal user

sudo chown philipp /var/www
sudo chgrp philipp...

Read on

DNS Lookup on The Terminal

Use the CLI programs host or dig to resolve domain names to IPs (and get some more information).

So when you run host example.com for example you will get the answer

example.com has address 192.0.32.10
example.com has IPv6 address 2620:0:2d0:200::10

The output of the run of dig example.com is more detailed:

Read on

Send `net send` commands like on Windows using Linux

On Windows Systems you can send short messages using the net send command. This is also possible using smbclient on Linux:

smbclient -M Hostname_or_IP "nachricht"

You can also pipe-in the text to send:

echo "Nachrichtentext" | smbclient -M Hostname_or_IP

Or directly send textfiles up to 1.6 KB:

cat msg.txt...

Read on

Make SSHd React Faster on Connect

If your ssh connection is established only with a delay of about 2-4 seconds (even when you are connected to a fast network), you can try the tips in this post.

What to try first

Debug you ssh connection: using ssh philipp@lion.ath.cx -p 28 -vvv (note the -vvv switch at the end).
Often...

Read on

Set up an SMTP Server Without Authentification

http://wiki.ubuntuusers.de/Postfix#Grundkonfiguration

I don't like to set up an SMTP server without authentification but I needed it for a special hardware, the Koukaam NETIO 230A. It sends reports of its operation via unauthenticated SMTP emails.

sudo aptitude install postfix
...

Read on

tinc vpn - with automatic full mesh routing

tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. It runs on many platforms including Linux, FreeBSD, OpenBSD, NetBSD, MacOS/X, Solaris, Windows 2000, XP, Vista and Windows 7.

The installation of tinc on Ubuntu Linux is...

Read on

The screen command - A versatile tool

With screen you can run an SSH command without interrupting the execution when the connection is lost. In case of a connection loss, all you have to do is to reconnected to the SSH host again when a connection is available and attach to the former screen session again.

Install screen:

Read on

Chroot SFTP users

OpenSSH supports jailing SFTP users to a directory (using chroot) just by changing its configuration file:

Basically you add the users you want to jail to a linux user group (sftp) and add the following lines to /etc/ssh/sshd_config:

### Comment out the following line:
#Subsystem sftp /usr/lib/openssh/sftp-server
### and replace with:
Subsystem sftp...

Read on